<?php
class MSEP_Comment extends MSEP_Object
{


      public function __init(MSEP $core)
      {
            $this->core = $core;
      }



      function comment_post($comment_body, $comment_secure, $object_title = "", $object_owner = "", $object_owner_id = 0, $object_privacy = "", $album_id, $album_name)
      {
            global $comment, $database, $user, $owner, $setting, $actions, $notify, $url;

            $comment_id = 0;
            $comment_date = time();

            // RETRIEVE AND CHECK SECURITY CODE IF NECESSARY
            if( $setting['setting_comment_code'] )
            {
              // NOW IN HEADER
              $code_found = false;
              if( @$_SESSION['code'] == $comment_secure )
                $code_found = true;

              if( !empty($_SESSION['codes']) && is_array($_SESSION['codes']) )
              {
                foreach( $_SESSION['codes'] as $index => $code_info )
                {
                  if( $code_info['code'] == $comment_secure )
                  {
                    $code_found = true;
                    unset($_SESSION['codes'][$index]);
                  }
                }
              }

              if( !$code_found )
                $comment->is_error = 1;


              //session_start();
              //$code = $_SESSION['code'];
              //if($code == "") { $code = randomcode(); }
              //if($comment_secure != $code) { $comment->is_error = 1; }
            }

            // MAKE SURE COMMENT BODY IS NOT EMPTY - ADD BREAKS AND CENSOR
            $comment_body = cleanHTML(censor($comment_body), $setting['setting_comment_html'], Array("style"));
            $comment_body = preg_replace('/(\r\n?)/', "\n", $comment_body);
            $comment_body = str_replace("\n", "<br>", $comment_body);
            $comment_body = preg_replace('/(<br>){3,}/is', '<br><br>', $comment_body);
            $comment_body = str_replace("'", "\'", $comment_body);
            if( !trim($comment_body) )
            {
              $comment->is_error = 1;
              $comment_body = "";
            }

            // ADD COMMENT IF NO ERROR
            if( !$comment->is_error )
            {
              $resource = $database->database_query("
                INSERT INTO `se_{$comment->comment_type}comments` (
                  `{$comment->comment_type}comment_{$comment->comment_identifier}`,
                  `{$comment->comment_type}comment_authoruser_id`,
                  `{$comment->comment_type}comment_date`,
                  `{$comment->comment_type}comment_body`
                ) VALUES (
                  '{$comment->comment_identifying_value}',
                  '{$user->user_info['user_id']}',
                  '{$comment_date}',
                  '{$comment_body}'
                )
              ");

              $comment_id = $database->database_insert_id();
              // New handling - total cached in parent table
              if( $resource && $comment->comment_parent_type && $comment->comment_parent_identifier )
              {
                $database->database_query("
                  UPDATE
                    `se_{$comment->comment_parent_type}`
                  SET
                    `{$comment->comment_parent_identifier}_totalcomments`=`{$comment->comment_parent_identifier}_totalcomments`+1
                  WHERE
                    `{$comment->comment_identifier}`='{$comment->comment_identifying_value}'
                  LIMIT
                    1
                ");
              }

              // INSERT ACTION IF USER EXISTS
              if( $user->user_exists )
              {
                $commenter = $user->user_displayname;
                $comment_body_encoded = strip_tags($comment_body);

                if( strlen($comment_body_encoded) > 250 ) $comment_body_encoded = substr($comment_body_encoded, 0, 247)."...";

                $comment_body_encoded = str_replace(Array("<br>", "<br />"), " ", $comment_body_encoded);

                $actions->actions_add($user, $comment->comment_type."comment", Array(
                  $user->user_info['user_username'],
                  $user->user_displayname,
                  $owner->user_info['user_username'],
                  $owner->user_displayname,
                  $album_id,
                  $comment->comment_identifying_value,
                  $album_name,
                  $comment_body_encoded,
                ), Array(), 0, false, "user", $object_owner_id, $object_privacy);
              }
              else
              {
                SE_Language::_preload(835);
                SE_Language::load();
                $commenter = SE_Language::_get(835);
              }

              // SEND PROFILE COMMENT NOTIFICATION IF COMMENTER IS NOT OWNER
              if( $owner->user_info['user_id'] != $user->user_info['user_id'] )
              {
                $notifytype = $notify->notify_add(
                  $owner->user_info['user_id'],
                  $comment->comment_type."comment",
                  $comment->comment_identifying_value,
                  Array(
                    $owner->user_info['user_username'],
                    $comment->comment_identifying_value,
                    $object_owner_id
                  ),
                  Array($object_title)
                );
                $object_url = $url->url_base.vsprintf($notifytype['notifytype_url'], Array($owner->user_info['user_username'], $comment->comment_identifying_value));
                $owner->user_settings();
                if( $owner->usersetting_info['usersetting_notify_'.$comment->comment_type.'comment'] )
                {
                  send_systememail($comment->comment_type."comment", $owner->user_info['user_email'], Array($owner->user_displayname, $commenter, "<a href=\"$object_url\">$object_url</a>"));
                }
              }
            }

            return Array(
              'comment_id' => $comment_id,
              'comment_body' => $comment_body,
              'comment_date' => $comment_date
            );
      }
}
?>